iptables parser yields wrong results when called with -v

[BendingRodriguez]

Dear coders,

when iptables is called with -v, issue #462 still appears:

# packet counter rule | --match state | ...
0 42 <no_target> <prot> <opt> <in> ...
-> {"pkts": 0, "bytes": 42, "target": <prot>, "prot": <opt>, "opt": <in> ...}

It seems that there are no other opts than {'--', '-f', '!f'} (never seen -f nor !f in my career, but tested with iptables). So a possible fix could be to check:

• <prot> in {...} -> target = None (preferrable, I guess)
• <opt> not in {...} -> target = None
  or
• <prot> in [str/int from /etc/protocols or 'all'/0] -> target = target

What do you think?

Only as an addition:

# valid
target: str (could be an user defined one)
prot: [str/int from /etc/protocols or 'all'/0]
opt: {'--', '-f', '!f'}
# invalid
target: [str/int from /etc/protocols or 'all'/0]
prot: {'--', '-f', '!f'}
opt: {str, '*', 'any'} (iif)

Many thanks for your great, unselfish work!1

Cheers,
Enrico